const express = require('express');
const userController = require('../controllers/userController');
const { protect, restrictTo } = require('../middlewares/authMiddleware');

const router = express.Router();

// 公开路由
router.post('/register', userController.register);
router.post('/login', userController.login);

// 保护的路由（需要登录）
router.use(protect);

router.get('/me', userController.getCurrentUser);
router.patch('/update', userController.updateUser);
router.patch('/update-password', userController.updatePassword);
router.get('/learning-progress', userController.getLearningProgress);
router.patch('/learning-progress', userController.updateLearningProgress);

// 管理员路由
router.use(restrictTo('admin'));
router.get('/', userController.getAllUsers);

module.exports = router;